What is the significance of sanctions and SWIFT access?
A short narrative on the history of sanctions, how to perform OFAC searches, best practices for watch list reviews, and assessing the adequacy of your sanctions review process.
Sanctions and SWIFT: If you’re a banker, these are two words with which you should be familiar. Regardless of your occupation, you’ve likely heard these terms in the past week or so as a result of Russia’s invasion of Ukraine. As a refresher, here’s what each means in the banking world:
Sanctions: Sanctions are coercive measures that can be applied to diplomatic, economic and cultural relations between states. Commonly non-military in nature, they are imposed by one state against another (unilateral sanctions) or by an international organization, such as the United Nations (collective sanctions).
SWIFT: Society for Worldwide Interbank Financial Telecommunication or SWIFT acts as the messaging system for international payments, connecting more than 11,000 financial institutions worldwide, including the U.S. Federal Reserve System, the Bank of England, and the European Central Bank.
Within the past week, countries across the world have implemented sanctions against Russia that include the country’s largest financial institutions and influential political figures. Sanctions can have a variety of objectives, like limiting funding ability or sowing discontent among the population. In addition to the sanctions, many countries across the world have united in their efforts to ban many financial institutions in Russia from SWIFT, blocking their ability to operate globally. While the details of the SWIFT ban have not been finalized at the time of this writing, it has been estimated that the complete removal of all Russian banks from SWIFT would cause Russia's GDP to fall by 5%. It remains to be seen what effects these actions will have on Russia’s ability to operate their country’s economy and continue their war efforts against Ukraine.
There are varying opinions on the effectiveness of sanctions. While the concept has been around since 432 BC when the first recording of a sanction took place by the Athenian Empire, it wasn’t until the 20th century that the use of sanctions became more prominent. Sanctions remain controversial as it is difficult to know their true impact because they are extremely hard to measure. According to Dursun Peksen, a sanctions expert at the University of Memphis, economic sanctions result in meaningful behavioral change in the targeted country about 40% of the time. However, a study by the U.S. Government Accountability Office conducted in October 2019 concluded that establishing clear causality is impossible. For example, a sanctioned country or individual may decide to change their behavior for many reasons. Some of these changes may be unrelated to the sanctions.
As a U.S. institution, or maybe just as an interested U.S. party, your sanctions database resource is the Office of Foreign Asset Control (OFAC). The Office of Foreign Asset Control maintains lists of specially designated nationals, countries, financial institutions, and more that have blocked assets and whom U.S. persons are generally prohibited from engaging with. The OFAC site provides users the opportunity to search any party they may be dealing with, take the below example where we check if RiskScout is a prohibited entity.
Luckily we aren’t. But in the event you did return a name-match hit, due diligence must be conducted to ensure the name is a true "hit" or "match" against OFAC's SDN list or targeted countries. This can be completed by researching the details of the name including spelling, location and, if applicable, date of birth. If the name is a true match or if your research is inconclusive, you must call the OFAC Hotline at 1-800-540-6322 to receive instructions on how to proceed. If the name is not a match, detail the due diligence efforts for record-keeping purposes.
Sanctions are a moving target so be aware that people will try to circumvent them. And it isn’t just a bank or credit union’s responsibility to check for this information. “Financial Institutions” per the Bank Secrecy Act (BSA) include entities such as casinos, insurance brokers, money services businesses, mortgage companies or brokers, jewelry and precious metals dealers, and securities or futures brokers. Not only is there a wide breadth of who needs to do these checks,
the majority of fines issued by OFAC have been against non-depository institutions. A whitepaper released by CSI found 81% of fines in 2017 were not against traditional banks. Here are some OFAC best practices:
Leverage a watch list review service or use the OFAC website to check parties with which you are dealing
Institute automatic screening for payments or other high-volume processes
Leverage “fuzzy” logic in your search to identify intentional or accidental misspellings
Regardless of whether or not sanctions are truly effective and fulfill their intended mission, it is the duty of financial institutions to ensure they are adhering to sanction requirements. Failing to comply is a direct violation of regulatory requirements. With the increased complexity of sanctions, sanctions compliance continues to be a growing concern for institutions. Below are some points to consider when evaluating the effectiveness of your institution’s sanctions program:
Does the institution have clear, well-defined sanctions policies and procedures?
Has BSA/AML compliance staff received sanctions training? How often do they receive updated training?
Has line of business specific training been conducted across the institution to ensure each department is aware of their role and responsibilities regarding sanction compliance?
Has the institution conducted a sanction-specific risk assessment?
Has the institution established an effective company-wide culture that emphasizes the importance of sanctions compliance?
Has the institution conducted an inventory of their sanctions monitoring efforts?
Has the institution conducted due diligence to en